This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block remote Lansweeper server from scanning

max_payne
Engaged Sweeper

‎04-12-2018 01:11 PM

Hello,

We have one domain, two remote sites (linked by vpn) and in each site a Lansweeper server.

How can I block a remote Lansweeper server scan local site?
I don't want the IT admins (each site has a domain admin) scan each other's assets.

Thank you.
Labels:
0 Kudos
3 REPLIES 3
Esben_D
Lansweeper Employee
Lansweeper Employee

‎04-16-2018 02:05 PM

Ah I see.

You should be able to specify modify the existing group policy so that it will only allow traffic from a specific IP (being the IP address of your local Lansweeper scanning server).

You can find the steps for how to set up the group policy here: https://www.lansweeper.com/kb/6/firewall.html
Just make sure you enter the IP address of your scanning server in the "Allow unsolicited incoming messages from:" textbox.
0 Kudos
max_payne
Engaged Sweeper

‎04-14-2018 05:34 PM

Hello,

Thanks for answering, but maybe I didn't explained correctly.
We have 2 sites, 2 licenses, 2 domain admins.

I was asking how to block cross site scanning using group policy or firewall rules.

Thank you.
0 Kudos
Esben_D
Lansweeper Employee
Lansweeper Employee

‎04-13-2018 01:47 PM

This kind of permission splitting has been requested a lot and we're hard at work at looking into the possibilities in order to best handle situations like yours. Unfortunately I don't have an estimation on when these features will be ready.

Currently, if a user can view assets within Lansweeper, they can view all the assets in the database, regardless of the location they were scanned from.
While there are ways of blocking Lansweeper from scanning a remote domain (blocking the required connections). Do note that data from both scanning servers will be gathered in the database and view-able to everyone who can view assets in Lansweeper.

So while you can prevent you admins from scanning the other site's domain, it will not prevent them being able to see the asset data. If you truly want to split who can see which assets. You will have to get multiple licenses (a smaller license per site). Having a separate license per site means that you have a separate database per site.
0 Kudos

General Discussions

Find answers to technical questions about Lansweeper.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Top